Best to steer clear of scaremongerers when you go around talking about Android devices.
1. The vast, and I mean virtually all, of Android targetted malware, comes in the form of malicious Apps that the user voluntarily installs themselves.
2. Android anti-virus tools *all* concentrate on addressing this issue and only really scan apps as they are installed. However, the general consensus is that all of them are bobbins and not one of them will detect all of the most common forms of attack vector. In fact, a number of these tools are actually malware themselves.
So what can Android users do? It’s more about not installing a collection of unknown, untrusted apps than it is about browsing activity.
Stick to apps made by reputable companies that have many tens of thousands of downloaders. Use application review sites to make your choices and don’t download apps from strange markets.